<?php
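// List of folders: the default view, shown when no "cmd" is given.
// empty() behaves like the former !$_GET['cmd'] test but does not raise an
// undefined-index notice when the parameter is missing.
if(empty($_GET['cmd'])) {
	// Any one of these image-management permissions is enough to see the list.
	if(!perms_check('images', 'edit') and !perms_check('images', 'del') and !perms_check('images', 'mkdir') and !perms_check('images', 'rmdir')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}
	// Table header plus one row for the images root itself ($conf['images_dir']).
	$content = '<table border="0" width="100%" class="tabelka2">
		<tr>
		<td class="row_3" align=center>'.$lang['file_name'].'</td>
		<td class="row_3" align=center>'.$lang['file_date'].'</td>
		<td class="row_3" align=center>'.$lang['file_tasks'].'</td>
		</tr>
		<tr>
		<td class="row_1" align=left><img src="admin/gfx/icons/icon_folder.gif"> '.$conf['images_dir'].'</td>
		<td class="row_1" align=center>'.date('d.m.Y', filemtime($conf['images_dir'])).'</td>
		<td class="row_1" align=center><a href="index.php?module=admin&action=images&cmd=mkdir&amp;dir=">'.$lang['file_md'].'</a></td>
		</tr>
		';
	// dir_list() is defined elsewhere; presumably it appends the folder rows to
	// $content, since the table is only closed afterwards. Confirm against its definition.
	dir_list('', 1, 'view_dir');
	$content.='
		<tr>
		<td colspan="7"><a href="index.php?module=admin&action=images&amp;cmd=add">'.$lang['admin_add'].'</a></td>
		</tr>
		</table>';
}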
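elseif($_GET['cmd'] == 'view_dir') {
	// Listing a folder needs at least one of the image-management permissions.
	if(!perms_check('images', 'upload') and !perms_check('images', 'edit') and !perms_check('images', 'del') and !perms_check('images', 'mkdir') and !perms_check('images', 'rmdir')) {
		redirect('index.php?module=admin'); 
		exit();
	}

	// "dir" comes from the query string. Accept only a string, and refuse ".."
	// (traversal out of $conf['images_dir']) and NUL bytes before it is used as a path.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on.
	$req_dir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
	if(strpos($req_dir, '..') !== false || strpos($req_dir, "\0") !== false) {
		redirect('index.php?module=admin&action=images'); 
		exit();
	}

	// A folder path must end in "/"; anything else falls back to the images root.
	if(substr($req_dir, -1) != '/')
		$req_dir = '';
	// The original code rewrote $_GET['dir'] as well; helpers called below may read it.
	$_GET['dir'] = $req_dir;

	// One encoding per output context. The request value and the file names read
	// from disk are never written into HTML, a URL or SQL in raw form.
	// htmlspecialchars() is called with 'ISO-8859-1' so that it only rewrites
	// & < > " ' and passes every other byte through, whatever charset the site uses.
	$req_dir_url = urlencode($req_dir);
	// NOTE(review): addslashes() is a stopgap whose safety depends on the connection
	// charset. The escaping/binding API of dbquery is not visible in this file;
	// switch to it (or to prepared statements) once confirmed.
	$req_dir_sql = addslashes($req_dir);
	$abs_dir = $conf['images_dir'].$req_dir;

	// Breadcrumb: one link per path segment, each pointing at the path so far.
	$t = explode("/", $req_dir);
	$path = '';
	$td = '';
	for($i = 0; $i < count($t)-1; $i++) {
		$td .= $t[$i].'/';
		$path .= '<a href="index.php?module=admin&action=images&cmd=view_dir&amp;dir='.urlencode($td).'">'.htmlspecialchars($t[$i], ENT_QUOTES, 'ISO-8859-1').'</a>/';
	}

	$content = '<div align="left"><a href="index.php?module=admin&amp;action=images">'.$conf['images_dir'].'</a>'.$path.'</div><table border="0" width="100%" class="tabelka2">
		<tr>
		<td class="row_3" align=center width=18></td>
		<td class="row_3" align=center>'.$lang['file_name'].'</td>
		<td class="row_3" align=center>'.$lang['file_size'].'</td>
		<td class="row_3" align=center>'.$lang['file_date'].'</td>
		<td class="row_3" align=center>'.$lang['file_tasks'].'</td>
		</tr>';

	// Arrays rather than NULL, so count() and sort() below are valid even when
	// the folder is empty or cannot be opened.
	$dirs = array();
	$files = array();

	if($d = opendir($abs_dir)) {
		// remove database entries for files that no longer exist
		img_auto_remove($req_dir);
		// Compare with false explicitly: an entry named "0" must not end the loop.
		while(($file = readdir($d)) !== false) {
			clearstatcache();
			if(!is_dir($abs_dir.$file)) {
				// Images: known extension (case-insensitive) and not a dot-file.
				if(preg_match('/^(.+)\.(jpg|jpeg|gif|png)$/isD', $file) && !preg_match('/^\..+/s', $file)) {
					// add the file to the database if it is not there yet
					img_auto_add($req_dir, $file);
					$files[] = $file;
				} elseif(preg_match('/^(.+)\.(swf)$/isD', $file)) $files[] = $file;
			}
			elseif(!preg_match('/^\./', $file))
				$dirs[] = $file;
		}
		closedir($d);
	}

	sort($files);
	sort($dirs);

	// "." row: the folder being shown.
	$content .= '<tr>
		<td class="row_1" align="center"><img src="admin/gfx/icons/icon_folder.gif" width="16" height="16"></td>
		<td class="row_1" align="left"><a href="index.php?module=admin&action=images&cmd=view_dir&amp;dir='.$req_dir_url.'">.</a></td>
		<td class="row_1" align="center">dir</td>
		<td class="row_1" align="center">'.date("d.m.Y", filemtime($abs_dir)).'</td>
		<td class="row_1" align="center"><a href="index.php?module=admin&action=images&cmd=mkdir&amp;dir='.$req_dir_url.'">'.$lang['file_md'].'</a></td>
		</tr>';

	// ".." row: the parent folder, i.e. the path without its last segment.
	if($req_dir != '') {
		$file = '';
		for($i = 0; $i < (count($t)-2); $i++)
			$file .= $t[$i].'/';

		$content .= '<tr>
			<td class="row_1" align="center"><img src="admin/gfx/icons/icon_folder.gif" width="16" height="16"></td>
			<td class="row_1" align="left"><a href="index.php?module=admin&action=images&cmd=view_dir&amp;dir='.urlencode($file).'">..</a></td>
			<td class="row_1" align="center">dir</td>
			<td class="row_1" align="center">'.date("d.m.Y", filemtime($conf['images_dir'].$file)).'</td>
			<td class="row_1" align="center">-</td>
			</tr>';
	}

	// Sub-folders.
	for($k = 0; $k < count($dirs); $k++) {
		$sub_url = urlencode($req_dir.$dirs[$k].'/');
		$content .= '<tr>
			<td class="row_1" align="center"><img src="admin/gfx/icons/icon_folder.gif" width="16" height="16"></td>
			<td class="row_1" align="left"><a href="index.php?module=admin&action=images&cmd=view_dir&amp;dir='.$sub_url.'">'.htmlspecialchars($dirs[$k], ENT_QUOTES, 'ISO-8859-1').'</a></td>
			<td class="row_1" align="center">dir</td>
			<td class="row_1" align="center">'.date("d.m.Y", filemtime($abs_dir.$dirs[$k])).'</td>
			<td class="row_1" align="center"><a href="index.php?module=admin&action=images&cmd=mkdir&amp;dir='.$sub_url.'">'.$lang['file_md'].'</a>, <a href="index.php?module=admin&action=images&cmd=rmdir&amp;dir='.$sub_url.'">'.$lang['file_rm'].'</a></td>
			</tr>';
	}

	$db=new dbquery;

	// Files: images first get their thumbnail data from the database, Flash movies do not.
	for($k = 0; $k < count($files); $k++) {
		$file_path = $abs_dir.$files[$k];
		$file_url = urlencode($files[$k]);
		$file_html = htmlspecialchars($files[$k], ENT_QUOTES, 'ISO-8859-1');
		$file_date = date("d.m.Y", filemtime($file_path));

		// Human-readable size: bytes, then kB, then MB.
		$size = filesize($file_path);
		if ($size < 1024)
			$size .= 'B';
		elseif ($size < 1048576)
			$size = round(($size/1024), 2).'kB';
		else
			$size = round(($size/1048576), 2).'MB';

		if(preg_match('/^(.+)\.(jpg|jpeg|gif|png)$/isD', $files[$k], $fl)) {
			$fl[2] = strtolower($fl[2]);
			// "jpeg" shares the "jpg" icon; every other extension has its own.
			$icon = ($fl[2] == 'jpeg') ? 'jpg' : $fl[2];

			// Both values are escaped copies; the file name comes from disk and may
			// contain quote characters just like the request value.
			$db->query("SELECT id, minx, miny, name, path FROM $conf[prefix]images WHERE path = '$req_dir_sql' and name = '".addslashes($files[$k])."'") or $db->err(__FILE__, __LINE__);
			$img = $db->fetch_object();

			$min_ext = $fl[2];

			// Thumbnail preview on hover; skipped when the image has no database row.
			if($img) {
				$overlib = 'onmouseover="return overlib(\'<iframe width=\\\''.$img->minx.'\\\' height=\\\''.$img->miny.'\\\' src=\\\''.$conf['images_min_dir'].md5($img->path.$img->name).'.'.$min_ext.'\\\' id=\\\''.$k.'\\\' marginwidth=\\\'0\\\' marginheight=\\\'0\\\' scrolling=\\\'NO\\\' frameborder=\\\'0\\\'>no iframe support</iframe>\', MOUSEOFF, WRAP);" onmouseout="return nd();"';
			}
			else {
				$overlib = '';
			}

			$content .= '<tr>
				<td class="row_1" align="center"><a href="javascript:open_popup(\'index.php?module=images&function=img_full_size&amp;url='.urlencode($file_path).'\', \'200\', \'200\');"><img src="admin/gfx/icons/icon_'.$icon.'.gif" width="16" height="16" /></a></td>
				<td class="row_1" align="left"><a href="index.php?module=admin&action=images&cmd=img_edit&dir='.$req_dir_url.'&amp;img='.$file_url.'" '.$overlib.'>'.$file_html.'</a></td>
				<td class="row_1" align="center">'.$size.'</td>
				<td class="row_1" align="center">'.$file_date.'</td>
				<td class="row_1" align="center"><a href="index.php?module=admin&action=images&cmd=img_edit&dir='.$req_dir_url.'&amp;img='.$file_url.'">'.$lang['admin_edit'].'</a>, <a href="index.php?module=admin&action=images&cmd=img_rm&dir='.$req_dir_url.'&amp;img='.$file_url.'">'.$lang['file_rm'].'</a></td>
				</tr>';
		}
		// Case-insensitive like the collection loop above, so "X.SWF" is listed too.
		elseif(preg_match('/^(.+)\.(swf)$/isD', $files[$k])) {
			$content .= '<tr>
				<td class="row_1" align="center"><img src="admin/gfx/icons/icon_swf.gif" width="16" height="16"></td>
				<td class="row_1" align="left"><a href="index.php?module=admin&action=images&cmd=swf_edit&dir='.$req_dir_url.'&amp;img='.$file_url.'">'.$file_html.'</a></td>
				<td class="row_1" align="center">'.$size.'</td>
				<td class="row_1" align="center">'.$file_date.'</td>
				<td class="row_1" align="center"><a href="index.php?module=admin&action=images&cmd=swf_edit&dir='.$req_dir_url.'&amp;img='.$file_url.'">'.$lang['admin_edit'].'</a>, <a href="index.php?module=admin&action=images&cmd=swf_rm&dir='.$req_dir_url.'&amp;img='.$file_url.'">'.$lang['file_rm'].'</a></td>
				</tr>';
		}
	}

	$content .= '
		<tr>
		<td colspan="7"><a href="index.php?module=admin&action=images&cmd=add&amp;dir='.$req_dir_url.'">'.$lang['admin_add'].'</a></td>
		</tr>
		</table>';
}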
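elseif($_GET['cmd'] == 'mkdir') {
	// Form for creating a sub-folder; requires the "mkdir" permission.
	if(!perms_check('images', 'mkdir')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}
	// "dir" is request data: accept only a string and refuse ".." segments.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on; the key is
	// quoted because a bare dir constant is an error on PHP 8.
	$mk_dir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
	if(strpos($mk_dir, '..') !== false) {
		redirect('index.php?module=admin&action=images'); 
		exit();
	}
	// The parent path is echoed into a hidden field, so it is HTML-escaped here.
	// 'ISO-8859-1' makes htmlspecialchars() rewrite only & < > " ' and leave all other bytes alone.
	// NOTE(review): a hidden field is client-controlled and this form carries no
	// anti-CSRF token; the img_mkdir handler (not in this file) must re-validate
	// "path" and "name" and verify the request origin.
	$content = '<form action="index.php" method="post">
		<input type="hidden" name="function" value="img_mkdir">
		<input type="hidden" name="path" value="'.htmlspecialchars($mk_dir, ENT_QUOTES, 'ISO-8859-1').'">
		<input type="hidden" name="module" value="images">
		<table align="center" width="50%" border="0" class="tabelka2">
		<tr>
		<td height="5"> </td>
		</tr>
		<tr>
		<td class="row_2" align="center">'.$lang['file_name'].'</td>
		<td class="row_2" align="left"><input type="text" maxlength="150" name="name" value="" class="button" size="30"></td>
		</tr>
		<tr>
		<td align="center" colspan="2"><input type="submit" value="'.$lang['file_md'].'" class="button"></td>
		</tr>
		<tr>
		<td height="5"> </td>
		</tr>
		</table></form>';
}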
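elseif($_GET['cmd'] == 'rmdir') {
	// Confirmation screen for removing a folder; requires the "rmdir" permission.
	if(!perms_check('images', 'rmdir')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}
	// "dir" is request data: it must be a non-empty string without ".." segments.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on.
	$rm_dir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
	if(($rm_dir == '') || (strpos($rm_dir, '..') !== false)) {
		redirect('index.php?module=error&error=dir_error1'); 
		exit();
	}
	else {
		// The value lands inside a JavaScript string inside an HTML attribute.
		// urlencode() leaves no quote, angle bracket or backslash in it.
		// NOTE(review): the "yes" button triggers the deletion with a plain GET and
		// no token; the img_rmdir handler (not in this file) should verify the
		// request origin and re-check "dir".
		$yes='<input type="button" onClick="javascript:location.href=\'index.php?module=images&function=img_rmdir&amp;dir='.urlencode($rm_dir).'\'" value="'.$lang['yes'].'" class="button">';
		// $_SESSION['redirect_2'] is presumably derived from an earlier request URL
		// (verify), so it is escaped for the JS string and for the attribute; the
		// fourth argument keeps an existing &amp; from being encoded twice.
		$no='<input type="button" onClick="javascript:location.href=\''.htmlspecialchars(addslashes($_SESSION['redirect_2']), ENT_QUOTES, 'ISO-8859-1', false).'\'" value="'.$lang['no'].'" class="button">';
		// string_template() receives raw HTML for yes/no, so "what" must be escaped by the caller.
		$content = string_template($lang['admin_really_delete'], array('yes' => $yes, 'no' => $no, 'what' => htmlspecialchars($rm_dir, ENT_QUOTES, 'ISO-8859-1')));      
	}
}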
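elseif($_GET['cmd'] == 'add') {
	// Empty "add image" form; requires the "upload" permission.
	if(!perms_check('images', 'upload')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}

	//generating list of directories in $conf['images_dir']
	// dir_list() is defined elsewhere; presumably it fills $path_options. Confirm.
	$path_options = null;
	dir_list('', 1, 'new');

	$db=new dbquery;
	$db->query("SELECT id,name FROM $conf[prefix]watermark ORDER BY name") or $db->err(__FILE__, __LINE__);

	// Watermark <select>: "none" first, then one option per database row.
	$watermark_options = "<option value=\"0\" selected>$lang[watermark_none]</option>";
	while($wm = $db->fetch_object()) {
		if($wm->id==$conf['img_def_watermark'])
			$select='selected';
		else
			$select='';
		// Stored names are escaped on output. 'ISO-8859-1' limits the rewrite to
		// & < > " ' and the fourth argument leaves already-encoded entities alone.
		$wm_id = htmlspecialchars((string)$wm->id, ENT_QUOTES, 'ISO-8859-1', false);
		$wm_name = htmlspecialchars((string)$wm->name, ENT_QUOTES, 'ISO-8859-1', false);
		$watermark_options .= '<option value="'.$wm_id.'" '.$select.'>'.$wm_name.'</option>';
	}

	$array=array('function' => 'img_add', 'p' => '', 'filename' => '', 'name' => '', 'path_options' => $path_options, 'source' => '', 'source_url' => '', 'checked' => ' checked', 'watermark_options' => $watermark_options);

	$multi = NULL;
	$langs = get_lang_list();
	$languages = get_languages_list();
	$i = 0;

	// The Referer header is optional and client-controlled. It is only used to
	// decide whether the previously submitted descriptions are restored.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on.
	$from_error = isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], 'module=error') !== false;

	// One description section per language; the session language starts expanded.
	foreach($langs as $key => $l) {
		$i++;
		if($l==$_SESSION['lang_short']) {
			$icon = 'collapse';
			$style = 'block';
		}
		else {
			$icon = 'expand';
			$style = 'none';
		}

		$multi .= string_template(read_file('admin/themes/images_form_multi.php'), array('lang' => $l, 'language' => strtoupper($l), 'icon' => $GLOBALS['theme_path'].$GLOBALS['theme_img'][$icon], 'style' => $style, 'i' => $i));

		$t = "desc_$l";
		$array["$t"] = '';

		//recover
		// NOTE(review): the recovered text is user input kept in the session. Whether
		// it is stored HTML-escaped is not visible here; confirm before it reaches the template.
		if($from_error) {
			$array["$t"] = $_SESSION['recover_'.$t];   
		}
		//
	}

	$content = string_template(read_file('admin/themes/image_form.php'), array('multi' => $multi));
	$content = string_template($content, $array);
}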
elseif($_GET['cmd'] == 'add_swf') {
	// Empty "add Flash movie" form; only users with the "upload" permission get it.
	$may_upload = perms_check('images', 'upload');
	if(!$may_upload) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}

	// Directory choices under $conf['images_dir']. dir_list() is defined elsewhere;
	// presumably it fills $path_options. Confirm against its definition.
	$path_options = null;
	dir_list('', 1, 'new');

	// Fixed choices for the select fields of the form, each with its default pre-selected.
	$scale_options = '<option value="noscale" selected>noscale</option>
		<option value="noborder">noborder</option>
		<option value="exactfit">exactfit</option>
		<option value="showall">showall</option>
		';
	$menu_options = '<option value="true">true</option>
		<option value="false" selected>false</option>
		';
	$wmode_options = '<option value="window" selected>window</option>
		<option value="opaque">opaque</option>
		<option value="transparent">transparent</option>
		';

	// Fill the form template with blank values and the defaults built above.
	$flash_template = read_file('admin/themes/flash_form.php');
	$flash_fields = array(
		'function' => 'swf_add',
		'p' => '',
		'filename' => '',
		'movie' => '',
		'name' => '',
		'path_options' => $path_options,
		'width' => '',
		'height' => '',
		'border' => 0,
		'bgcolor' => '#FFFFFF',
		'scale_options' => $scale_options,
		'menu_options' => $menu_options,
		'wmode_options' => $wmode_options,
		'checked' => ' checked'
	);
	$content = string_template($flash_template, $flash_fields);
}
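elseif($_GET['cmd'] == 'img_rm') {
	// Confirmation screen for deleting an image; requires the "del" permission.
	if(!perms_check('images', 'del')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}
	// Both values are request data: non-empty strings without ".." segments only.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on.
	$rm_dir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
	$rm_img = (isset($_GET['img']) && is_string($_GET['img'])) ? $_GET['img'] : '';
	if((($rm_dir == '') || (strpos($rm_dir, '..') !== false)) || (($rm_img == '') || (strpos($rm_img, '..') !== false))) {
		redirect('index.php?module=error&error=dir_error1'); 
		exit();
	}
	else {
		// The values land inside a JavaScript string inside an HTML attribute.
		// urlencode() leaves no quote, angle bracket or backslash in them.
		// NOTE(review): the "yes" button triggers the deletion with a plain GET and
		// no token; the img_rm handler (not in this file) should verify the request
		// origin and re-check both parameters.
		$yes='<input type="button" onClick="javascript:location.href=\'index.php?module=images&function=img_rm&dir='.urlencode($rm_dir).'&amp;img='.urlencode($rm_img).'\'" value="'.$lang['yes'].'" class="button">';
		// $_SESSION['redirect_2'] is presumably derived from an earlier request URL
		// (verify), so it is escaped for the JS string and for the attribute; the
		// fourth argument keeps an existing &amp; from being encoded twice.
		$no='<input type="button" onClick="javascript:location.href=\''.htmlspecialchars(addslashes($_SESSION['redirect_2']), ENT_QUOTES, 'ISO-8859-1', false).'\'" value="'.$lang['no'].'" class="button">';
		// string_template() receives raw HTML for yes/no, so "what" must be escaped by the caller.
		$content = string_template($lang['admin_really_delete'], array('yes' => $yes, 'no' => $no, 'what' => htmlspecialchars($rm_img, ENT_QUOTES, 'ISO-8859-1')));      
	}
}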
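elseif($_GET['cmd'] == 'img_edit') {
	// Edit form for an existing image. Authorise before any request data is processed.
	if(!perms_check('images', 'edit')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}

	// NOTE(review): the query below relies entirely on SQLvalidate() (defined
	// elsewhere) to make both values safe inside a quoted SQL string. Presumably
	// it sanitises them in place, since its return value is unused; confirm.
	SQLvalidate($_GET['dir'], 'varchar');
	SQLvalidate($_GET['img'], 'varchar');

	$db=new dbquery;
	$db->query("SELECT * FROM $conf[prefix]images WHERE path='$_GET[dir]' AND name='$_GET[img]'") or $db->err(__FILE__, __LINE__);
	$img = $db->fetch_object();

	// Unknown image: go back to the previous page.
	if($db->num_rows()==0) {
		redirect($_SESSION['redirect_2']);
		exit;
	}

	//generating list of directories in $conf['images_dir']
	// dir_list() is defined elsewhere; presumably it fills $path_options. Confirm.
	$path_options = null;
	dir_list('', 1, $_GET['dir']);
	//

	//generating img_min and img
	// end() takes its argument by reference, so the exploded parts need a variable of their own.
	$foo = explode(".", $_GET['img']);
	$fext = end($foo);
	// The function name must be a string; a bare ImageGIF constant is an error on PHP 8.
	// Without GIF support the thumbnail name always ends in ".jpg".
	if(function_exists('ImageGIF'))
		$img_min = md5($_GET['dir'].$_GET['img']).'.'.$fext;
	else
		$img_min = md5($_GET['dir'].$_GET['img']).'.jpg';

	// Both URLs contain request or file-name data and are handed to an HTML
	// template, so they are escaped. 'ISO-8859-1' limits the rewrite to & < > " '
	// and the fourth argument leaves already-encoded entities alone.
	$link = htmlspecialchars($conf['images_dir'].$_GET['dir'].$_GET['img'], ENT_QUOTES, 'ISO-8859-1', false);
	$src = htmlspecialchars($conf['images_min_dir'].$img_min, ENT_QUOTES, 'ISO-8859-1', false);
	//

	//watermark
	$db->query("SELECT id,name FROM $conf[prefix]watermark ORDER BY name") or $db->err(__FILE__, __LINE__);
	$watermark_options = "<option value=\"0\" selected>$lang[watermark_none]</option>\n";

	while($wm = $db->fetch_object()) {
		// Stored names are escaped on output as well.
		$wm_id = htmlspecialchars((string)$wm->id, ENT_QUOTES, 'ISO-8859-1', false);
		$wm_name = htmlspecialchars((string)$wm->name, ENT_QUOTES, 'ISO-8859-1', false);
		$watermark_options .= '<option value="'.$wm_id.'">'.$wm_name."</option>\n";
	}
	//

	// Display name: the stored file name up to its first dot.
	$name=explode('.', $img->name);
	$name=$name[0];

	//multilang 
	$array=array('function' => 'img_edit', 'p' => read_text_rest($_GET['dir']), 'filename' => read_text_rest($img->name), 'link' => $link, 'src' => $src, 'name' => $name, 'path_options' => $path_options, 'source' => read_text_rest($img->source), 'source_url' => read_text_rest($img->source_url), 'checked' => '', 'watermark_options' => $watermark_options);

	$multi = NULL;
	$langs = get_lang_list();
	$languages = get_languages_list();
	$i = 0;

	// The Referer header is optional and client-controlled. It is only used to
	// decide whether the previously submitted descriptions are restored.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on.
	$from_error = isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], 'module=error') !== false;

	// One description section per language; the session language starts expanded.
	foreach($langs as $key => $l) {
		$i++;
		if($l==$_SESSION['lang_short']) {
			$icon = 'collapse';
			$style = 'block';
		}
		else {
			$icon = 'expand';
			$style = 'none';
		}

		$multi .= string_template(read_file('admin/themes/images_form_multi.php'), array('lang' => $l, 'language' => strtoupper($l), 'icon' => $GLOBALS['theme_path'].$GLOBALS['theme_img'][$icon], 'style' => $style, 'i' => $i));

		$t = "desc_$l";
		$array["$t"] = read_text_rest($img->$t);

		//recover
		// NOTE(review): the recovered text is user input kept in the session. Whether
		// it is stored HTML-escaped is not visible here; confirm before it reaches the template.
		if($from_error) {
			$array["$t"] = $_SESSION['recover_'.$t];   
		}
		//
	}
	//

	$content = string_template(read_file('admin/themes/image_form.php'), array('multi' => $multi));
	$content = string_template($content, $array);
}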
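elseif($_GET['cmd'] == 'swf_edit') {
	// Edit form for an existing Flash movie. Authorise before any request data is processed.
	if(!perms_check('images', 'edit')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}

	// NOTE(review): the query below relies entirely on SQLvalidate() (defined
	// elsewhere) to make both values safe inside a quoted SQL string. Presumably
	// it sanitises them in place, since its return value is unused; confirm.
	SQLvalidate($_GET['dir'], 'varchar');
	SQLvalidate($_GET['img'], 'varchar');

	$dr = $_GET['dir'];
	$nm = $_GET['img'];

	$db=new dbquery;
	$db->query("SELECT * FROM $conf[prefix]flash WHERE path='$dr' AND name='$nm'") or $db->err(__FILE__, __LINE__);

	$a = $db->fetch_object();

	// Unknown movie: go back to the previous page, as the img_edit branch does,
	// instead of rendering a form from a missing row.
	if($db->num_rows()==0) {
		redirect($_SESSION['redirect_2']);
		exit;
	}

	//generating list of directories in $conf['images_dir']
	// dir_list() is defined elsewhere; presumably it fills $path_options. Confirm.
	$path_options = null;
	dir_list('', 1, $_GET['dir']);

	//generating options for select-fields in flash_form
	// Each list is a fixed set of values; the one stored for this movie is marked selected.
	$scale_options = '';
	foreach(array('noscale', 'noborder', 'exactfit', 'showall') as $opt) {
		$scale_options .= '<option value="'.$opt.'"'.(($a->scale == $opt) ? ' selected' : '').'>'.$opt.'</option>
		';
	}
	$menu_options = '';
	foreach(array('true', 'false') as $opt) {
		$menu_options .= '<option value="'.$opt.'"'.(($a->menu == $opt) ? ' selected' : '').'>'.$opt.'</option>
		';
	}
	$wmode_options = '';
	foreach(array('window', 'opaque', 'transparent') as $opt) {
		$wmode_options .= '<option value="'.$opt.'"'.(($a->wmode == $opt) ? ' selected' : '').'>'.$opt.'</option>
		';
	}

	// Stored movie settings are written into HTML attributes. They are escaped and
	// the attributes quoted, so a stored value cannot add attributes or markup.
	// 'ISO-8859-1' limits the rewrite to & < > " ' and the fourth argument leaves
	// already-encoded entities alone.
	$swf = array();
	foreach(array('width', 'height', 'border', 'menu', 'scale', 'wmode', 'bgcolor') as $fld)
		$swf[$fld] = htmlspecialchars((string)$a->$fld, ENT_QUOTES, 'ISO-8859-1', false);
	// $conf['images_dir'] without its last character, followed by path and file name.
	$movie_url = htmlspecialchars(substr($conf['images_dir'], 0, -1).read_text_rest($a->path).'/'.read_text_rest($a->name), ENT_QUOTES, 'ISO-8859-1', false);

	//generating content - edit-movie form with a preview of the current movie
	$movie = '<input type="radio" name="how_image" class="radio" value="no_change" CHECKED><br>
		<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="'.$swf['width'].'" HEIGHT="'.$swf['height'].'" BORDER="'.$swf['border'].'">
		<PARAM NAME=movie VALUE="'.$movie_url.'">
		<PARAM NAME=menu VALUE="'.$swf['menu'].'">
		<PARAM NAME=quality VALUE=best>
		<PARAM NAME=scale VALUE="'.$swf['scale'].'">
		<PARAM NAME=wmode VALUE="'.$swf['wmode'].'">
		<PARAM NAME=bgcolor VALUE="'.$swf['bgcolor'].'">
		<EMBED src="'.$movie_url.'" menu="'.$swf['menu'].'" quality=best scale="'.$swf['scale'].'" bgcolor="'.$swf['bgcolor'].'"  WIDTH="'.$swf['width'].'" HEIGHT="'.$swf['height'].'" BORDER="'.$swf['border'].'" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash"></EMBED>
		</OBJECT>';
	$content = string_template(read_file('admin/themes/flash_form.php'), array('function' => 'swf_edit', 'p' => read_text_rest($a->path), 'filename' => read_text_rest($a->name), 'movie' => $movie, 'name' => read_text_rest($a->name), 'path_options' => $path_options, 'width' => $swf['width'], 'height' => $swf['height'], 'border' => $swf['border'], 'bgcolor' => $swf['bgcolor'], 'scale_options' => $scale_options, 'menu_options' => $menu_options, 'wmode_options' => $wmode_options, 'checked' => ''));
}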
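elseif($_GET['cmd'] == 'swf_rm') {
	// Confirmation screen for deleting a Flash movie; requires the "del" permission.
	if(!perms_check('images', 'del')) {
		redirect('index.php?module=error&error=auth_error'); 
		exit();
	}
	// Both values are request data: non-empty strings without ".." segments only.
	// strpos() replaces ereg(), which no longer exists from PHP 7 on.
	$rm_dir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
	$rm_img = (isset($_GET['img']) && is_string($_GET['img'])) ? $_GET['img'] : '';
	if((($rm_dir == '') || (strpos($rm_dir, '..') !== false)) || (($rm_img == '') || (strpos($rm_img, '..') !== false))) {
		redirect('index.php?module=error&error=dir_error1'); 
		exit();
	}
	else {
		// The values land inside a JavaScript string inside an HTML attribute.
		// urlencode() leaves no quote, angle bracket or backslash in them.
		// NOTE(review): the "yes" button triggers the deletion with a plain GET and
		// no token; the swf_rm handler (not in this file) should verify the request
		// origin and re-check both parameters.
		$yes='<input type="button" onClick="javascript:location.href=\'index.php?module=images&function=swf_rm&dir='.urlencode($rm_dir).'&amp;img='.urlencode($rm_img).'\'" value="'.$lang['yes'].'" class="button">';
		$no='<input type="button" onClick="javascript:location.href=\'index.php?module=admin&action=images&cmd=view_dir&amp;dir='.urlencode($rm_dir).'\'" value="'.$lang['no'].'" class="button">';
		// string_template() receives raw HTML for yes/no, so "what" must be escaped by the caller.
		// 'ISO-8859-1' makes htmlspecialchars() rewrite only & < > " ' and leave all other bytes alone.
		$content = string_template($lang['admin_really_delete'], array('yes' => $yes, 'no' => $no, 'what' => htmlspecialchars($rm_img, ENT_QUOTES, 'ISO-8859-1')));      
	}
}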


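// Wrap the page body in the admin layout. "action" is taken from the query
// string, so it is HTML-escaped before it becomes the page description.
// string_template() is handed raw HTML as 'content', so it cannot be relied on to escape.
// 'ISO-8859-1' makes htmlspecialchars() rewrite only & < > " ' and leave all other bytes alone.
$page_action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
// An unrecognised "cmd" matches no branch above and leaves $content unset.
if(!isset($content))
	$content = '';
$content=string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $content, 'description' => htmlspecialchars(strtoupper($page_action), ENT_QUOTES, 'ISO-8859-1')));
//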

?>
